Security
Denial of Service Prevention
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4 369
17
To configure DoS Prevention global settings and monitor SCT:
STEP 1 Click Security > Denial of Service Prevention > Security Suite Settings.
CPU Protection Mechanism: Enabled indicates that SCT is enabled.
STEP 2 Click Details beside CPU Utilization to go to the CPU Utilization page and view CPU
resource utilization information.
STEP 3 Click Edit beside TCP SYN Protection to set the feature.
STEP 4 Select DoS Prevention to enable the feature.
• Disable—Disable the feature.
• System-Level Prevention—Enable that part of the feature that prevents attacks from
Stacheldraht Distribution, Invasor Trojan, and Back Orifice Trojan.
• System-Level and Interface-Level Prevention—Enable that part of the feature that
prevents attacks from Stacheldraht Distribution, Invasor Trojan, and Back Orifice
Trojan.
STEP 5 If System-Level Prevention or System-Level and Interface-Level Prevention is selected,
enable one or more of the following DoS Prevention options:
• Stacheldraht Distribution—Discards TCP packets with source TCP port equal to
16660.
• Invasor Trojan—Discards TCP packets with destination TCP port equal to 2140 and
source TCP port equal to 1024.
• Back Orifice Trojan—Discards UDP packets with destination UDP port equal to
31337 and source UDP port equal to 1024.
STEP 6 Click the following as required:
• Martian Addresses—Click Edit to go to the Martian Addresses page.
• SYN Filtering—Click Edit to go to the SYN Filtering page.
• SYN Rate Protection—(In Layer 2 only) Click Edit to go to the SYN Rate Protection
page.
• ICMP Filtering—Click Edit to go to the ICMP Filtering page.
• IP Fragmented—Click Edit to go to the IIP Fragments Filtering page.
To Next Page
Loading...
